<!doctype html>
<html lang="en-US">
<body onload="run()">
</body>
</html>
<script>
  'use strict';

  function run() {
    var oauth2 = window.opener.swaggerUIRedirectOauth2;
    var sentState = oauth2.state;
    var redirectUrl = oauth2.redirectUrl;
    var isValid, qp, arr;

    qp = (window.location.hash || location.search).substring(1);

    arr = qp.split("&")
    arr.forEach(function (v, i, _arr) {
      _arr[i] = '"' + v.replace('=', '":"') + '"';
    })
    qp = qp ? JSON.parse('{' + arr.join() + '}',
        function (key, value) {
          return key === "" ? value : decodeURIComponent(value)
        }
    ) : {}

    isValid = qp.state === sentState

    if (oauth2.auth.schema.get("flow") === "accessCode" && !oauth2.auth.code) {
      if (!isValid) {
        oauth2.errCb({
          authId: oauth2.auth.name,
          source: "auth",
          level: "warning",
          message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
        });
      }

      if (qp.code) {
        delete oauth2.state;
        oauth2.auth.code = qp.code;
        oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
      } else {
        oauth2.errCb({
          authId: oauth2.auth.name,
          source: "auth",
          level: "error",
          message: "Authorization failed: no accessCode received from the server"
        });
      }
    } else {
      oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
    }
    window.close();
  }
</script>
